{"id":"CVE-2026-41079","summary":"OpenPrinting CUPS: Heap out-of-bounds read in SNMP supply-level polling leaks stack memory to authenticated users","details":"OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to 2.4.17, a network-adjacent attacker can send a crafted SNMP response to the CUPS SNMP backend that causes an out-of-bounds read of up to 176 bytes past a stack buffer. The leaked memory is converted from UTF-16 to UTF-8 and stored as printer supply description strings, which are subsequently visible to authenticated users via IPP Get-Printer-Attributes responses and the CUPS web interface. This vulnerability is fixed in 2.4.17.","aliases":["GHSA-6wpw-g8g6-wvrv"],"modified":"2026-05-31T18:29:37.511116590Z","published":"2026-04-24T16:54:38.742Z","related":["SUSE-SU-2026:21787-1","SUSE-SU-2026:21836-1","openSUSE-SU-2026:10820-1","openSUSE-SU-2026:20812-1"],"database_specific":{"cwe_ids":["CWE-125","CWE-200"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/41xxx/CVE-2026-41079.json","cna_assigner":"GitHub_M"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/41xxx/CVE-2026-41079.json"},{"type":"ADVISORY","url":"https://github.com/OpenPrinting/cups/security/advisories/GHSA-6wpw-g8g6-wvrv"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41079"},{"type":"FIX","url":"https://github.com/OpenPrinting/cups/commit/b7c2525a885f528d243c3a92197ca99609b3f080"},{"type":"FIX","url":"https://github.com/OpenPrinting/cups/commit/d7fe0f521ff3b24676511e747b058362b9a20737"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/openprinting/cups","events":[{"introduced":"0"},{"fixed":"4bd119bbec57885993ab583c79ee5c70be77a7c2"}]}],"versions":["v2.4.16","v2.4.15","v2.4.14","v2.4.13","v2.4.12","v2.4.11","v2.4.10","v2.4.9","v2.4.8","v2.4.7","v2.4.6","v2.4.5","v2.4.3","v2.4.4","v2.4.2","v2.4.1","v2.4.0","v2.4rc1","v2.4b1","v2.3.3op2","v2.3.3op1","v2.3.3","v2.3.1","v2.3.0","v2.3rc1","v2.3b8","v2.3b7","v2.3b6","v2.3b5","v2.3b4","v2.3b3","v2.3b2","v2.3b1","v2.2.6","v2.2.5","v2.2.4","v2.2.3","v2.2.2","v2.2.1","v2.2.0","v2.2rc1","v2.2b2","v2.2b1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-41079.json","vanir_signatures_modified":"2026-05-28T11:13:20Z","vanir_signatures":[{"source":"https://github.com/openprinting/cups/commit/4bd119bbec57885993ab583c79ee5c70be77a7c2","digest":{"line_hashes":["299893045949588976139623539753662255133","250277918484656917067460661332154754845","180926957210100798147957675817561822731","328371740011098925653118821188853713521","12965106556956194427173249060981454822","80893087353804966362527825391315791552","176662638266879331245245720019172492324","246157329180559496201844320315879132350"],"threshold":0.9},"target":{"file":"cups/cups.h"},"deprecated":false,"signature_type":"Line","signature_version":"v1","id":"CVE-2026-41079-c5b2088d"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}]}